How severe is CVE-2023-40720?

CVE-2023-40720 has a CVSS v3 score of 7.1 (HIGH).

CVE-2023-40720

Name: fortivoice
Author: fortinet

7.1HIGH

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP config

Publicado: 5/14/2024Actualizado: 11/21/2024

Descripción

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests.

Análisis IAImpulsado por IA

Productos Afectados

fortinetfortivoice

7.0.0

fortinetfortivoice

7.0.1

Referencias

https://fortiguard.com/psirt/FG-IR-23-282
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-23-282
Vendor Advisory